Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
Severity: 7.5 HIGH NVD, NVD 5.0
EPSS: 16.4% (top 5.12%)
CISA KEV: Not in KEV
Exploit: PoC available (Public exploit / PoC exists)
Timeline: Published Apr 25, Latest update May 1

Description

Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (5 packages)

NVD: apple/safari 1.3.1, 2.0.3, 2.0.4_419.3 (+2)
NVD: apple/webkit build_18794
NVD: apple/mac_os_x 10.4.8
NVD: jsboard/jsboard 2.0.11

Vulnerability Details (4)

GHSA: GHSA-c398-43hf-w2rg: WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element wit (2022-05-01)
GHSA: GHSA-rxfg-3q5p-g4xv: Directory traversal vulnerability in login (2022-05-01)
GHSA: GHSA-wjv5-g9f8-6544: Apple Mac OS X Safari 2 (2022-05-01)
GHSA: Server Side Request Forgery in Apache Axis (2019-05-14)

Exploits & PoCs (2)

Exploit-DB: Netartmedia PHP Mall 4.1 - SQL Injection (2019-03-19)
Exploit-DB: Apple Mac OSX Safari 2.0.3 (417.9.2) - 'ROWSPAN' Denial of Service (PoC) (2006-04-24)

Vendor Advisories (2)

Red Hat: php: link function accepts filenames with embedded null byte and treats them as terminating at that byte on Windows (2019-11-23)
Red Hat: axis: Hard coded domain name in example web service named “StockQuoteService.jws” leading to remote code execution. (2019-04-09)